Mailing List CGatePro@mail.stalker.com Message #92121
From: Thom O'Connor <thom@communigate.com>
Subject: Re: XMPP LDAP authentication
Date: Thu, 09 Aug 2007 08:57:44 -0700
To: <cgatepro@mail.stalker.com>
> From:   Jonn R Taylor <jonnt@taylortelephone.com>
> Sambedi Fahted wrote:
>
>     Hola CGate Community:
>      I've got CGATE Version 5.1.10 installed. We're able to get Outlook (MAPI) clients and webmail clients authenticated via the authLDAP.pl, but XMPP clients aren't being authenticated via LDAP. I tail my ldap server logs and no searches appear -and in the CGate logs I get this error:
>
>     17:28:41.143 1 EXTAUTH user@domainname.com(XMPP) SASL password is incorrect
>
>     By default, Communigate passwords are disabled, but when I enable my Communigate password and use it, XMPP login succeeds.
>     Is there a way to get XMPP to authenticate through LDAP?
>
>     Thanks for your help.
>
>     -sam
>
>
> Under Users --> Domain Defaults --> Login Methods un-check the CRAM-MD5
> box. This controls SASL auth for Pronto. You can not use SASL with authLDAP.

Hi folks,

This is not exactly accurate - SASL can be used with external LDAP
authentication. SASL with an external LDAP server requires that the LDAP
server be able to either perform the necessary SASL calculations in
tandem with CommuniGate Pro, or even easier, to simply return the PLAIN
text password to CommuniGate Pro, and allow CGatePro to perform the SASL
methods.

This is documented in the Guide in External Authentication:
  http://www.communigate.com/CommunigatePro/Helpers.html#AUTH

This will allow SIP, XMPP, and Pronto to work using SASL authentication
methods with an external Directory.

CommuniGate has a newly written authLDAP-SASL Perl plugin to do this,
which just needs to be tested and the method documented somewhat. We
hope to do this within the next few days.

Sincerely,
 -t
Subscribe (FEED) Subscribe (DIGEST) Subscribe (INDEX) Unsubscribe Mail to Listmaster